I'll find it for you
What is a GUL file?
-
Hello. I found a file called GUL on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
A GUL file is a Hunminjeongeum word processor file. It appears to be a file distributed by Samsung Electronics. It was first reported on 2008-08-31 00:25:26 and last reported on 2008-08-31 00:25:26.
-
You can open GUL files by downloading the JungUm Global (정음Global) or Hunmin Word viewer (훈민워드 뷰어) programs.
-
Hunminjeongeum word processor file
-
No signature information is available.
-
Related link #1: https://www.jungum.com/
-
Related link #2: No link attached.
-
-
[2021-07-02 16:25:45] @reecdeep #AgentTesla #Malware by #GuLoader targets #Italy "BONIFICO COPIA" MD5: 8AD9C79F695CB854D1584A7E270EA48A hxxps://drive.google.com/uc?export= download&id= 1_tmOrsXmaRhiOpQCSlDNbbwfgNv7Dje7 [email protected] -> smtp.yandex.com #infosec #CyberSecurity #cybercrime https://twitter.com/reecdeep/status/1410892438349168641/photo/1
-
[2021-07-02 15:00:56] @reecdeep ⚠️#GuLoader #Malware targeting #Italy spawns #Lokibot "Offerta urgente" MD5: BDAD7DD581E9499C956880D9363D61A3 hxxps://andreameixueiro.com/karin_FiAFyfucWz16.bin c2: karinedocesesalgados.com.br/karin/five/fre.php #infosec #CyberSecurity #cybercrime #Security https://twitter.com/reecdeep/status/1410871093418659841/photo/1
-
[2021-06-29 21:43:21] @satontonton file:2.exe hash:b9b57201aeabc5f80c14511cb04610c4 C2(guloader):https\://drive.google\.com/uc?export= download&id= 1mTKPvw8qL27QyRsodxIQX0YLuZz1OgyV
-
[2021-06-29 21:00:27] @satontonton A suspicious email in Japanese (#不審メール) had arrived. Subject: Re:プロフォーマインボイス File: プロフォーマインボイス pdf.rar HASH:a2dff2d4866d39b2c05bb18a395f7d6a triage: https://tria.ge/210629-nzqpc4djsn anyrun: https://app.any.run/tasks/b5ff76d5-2119-43db-aad4-7931a7c3ae05 #lokibot #guloader The email impersonates a real domestic company. https://twitter.com/satontonton/status/1409874407175168002/photo/1
-
[2021-06-28 22:49:17] @reecdeep #Malware #Raccon targets #Italy XLSX > #GuLoader > EXE https://app.any.run/tasks/57c0823d-885a-414b-9dc0-27fc9328f5b1 1⃣p://maizefucanism.hopto.org/new.exe 2⃣ps://drive.google.com/uc?export= download&id= 1V8t6cBYUxfu3nP2JKKKyCtxGO5SylImh 3⃣ps://tttttt.me/hapikmalabar c2: 34.141.128.39 #infosec #CyberSecurity https://twitter.com/reecdeep/status/1409539406415945735/photo/1
-
[2021-06-28 16:58:28] @reecdeep #GuLoader targets #Italy spawning #FormBook #Malware "Invio ordine fornitore" MD5: 45E6616D2335A4A0A6AE5B8CBBAE243F hxxps://drive.google.com/uc?export= download&id= 1L9rOHmkZRRPLD4OXw6gSJrp_2y9_S6Hi c2: cunix88.com #infosec #CyberSecurity #cybercrime #Security https://twitter.com/reecdeep/status/1409451122511814657/photo/1
-
[2021-06-28 07:40:47] @bomccss ■C2 hxxp://63.141.228.141/32.php/s396KA3xaZWY1 The email subject, body text, and C2 destination are all identical to those of 6/9 and 6/22. As on 6/22, Guloader is inserted in between. https://twitter.com/bomccss/status/1407183167870488584
-
[2021-06-28 07:38:38] @bomccss 2021/06/28 I confirmed a Japanese-language email with malware attached. ■Subject Re:プロフォーマインボイス ■Attachment プロフォーマインボイス pdf.rar ■Samples https://tria.ge/210627-xk9de1y9hs https://www.virustotal.com/gui/file/eb2691044faf61721a84eace5cd2a16cf50172decc80d7220877303e7f83e004/detection https://app.any.run/tasks/e9fffb97-a4eb-4157-8ac0-79615e5b2700/ #guloader -> #lokibot https://twitter.com/bomccss/status/1409310233390841859/photo/1
-
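[2021-06-22 10:49:07] @bomccss ■C2 hxxp://63.141.228.141/32.php/s396KA3xaZWY1 The email subject, body text, and C2 destination are all identical to those of 6/9. The difference is that Guloader has been inserted as the first-stage malware. https://twitter.com/bomccss/status/1402486100870897668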
-
[2021-06-22 10:46:26] @bomccss 2021/06/22 I confirmed a Japanese-language email with malware attached. ■Subject Re:プロフォーマインボイス ■Attachment プロフォーマインボイス pdf.rar ■Samples https://tria.ge/210622-gyl51791de https://www.virustotal.com/gui/file/ce31fff6a5071cce7ff3e15784a77ec58e0e7110222bf3617864973ae4902f64/detection https://app.any.run/tasks/4b2fee7f-8b47-4319-9c3f-69d73dcc54b8/ It is #guloader -> #lokibot. https://twitter.com/bomccss/status/1407183167870488584/photo/1
-
[2021-06-21 23:33:42] @ps66uk "unpaid invoice_937928_438_pdf" EML > ISO > #guloader > #azorult f4bb76dda7c1f264ffdb934f633ecc278acc7a4cb7b0d71248cc1cddde42629f https://capesandbox.com/analysis/167302/ https://tria.ge/210621-dlmmqk75ys
-
[2021-06-21 21:36:50] @reecdeep @CapeSandbox has been able to analyze a #GuLoader sample spawning #AzoRult #Malware ⚙️ https://capesandbox.com/analysis/167302/ hxxps://drive.google.com/uc?export= download&id= 1EW87t-CfFEK2A6y7josyyhmW5Oazk7aL c2: hxxp://46.183.221.49/Panel/index.php #infosec #CyberSecurity #Security https://twitter.com/reecdeep/status/1406984458511732736/photo/1
-
[2021-06-07 20:25:44] @James_inthe_box Some #guloader in this #opendir: http://ztechinternational.com/Img cc @FewAtoms @abuse_ch https://twitter.com/James_inthe_box/status/1401893139376316423/photo/1
-
[2021-06-06 00:28:55] @ggyaf Hey guys. I decided to bring you this bomb for free, because there are a lot of smart alecks trying to sell stuff that is available for free on the internet. Enjoy it, because it will probably get fixed in the next patch. Download: https://www.mediafire.com/file/plsjw0a6nehrsza/crasher.zip/file Links: https://github.com/vperpl/sex-ploits/releases/tag/J%23e https://www.virustotal.com/gui/file/bf9066bf502bd726dbecac61b2a3d98bd0ddc87d35912fc8e40fa481a8d0e6fa/detection https://twitter.com/ggyaf/status/1401229560834924545/video/1
-
[2021-06-05 16:37:11] @fwosar Looks like EvilCorp is trying to pass off as Babuk this time. As Babuk releases their PayloadBin leak portal. EvilCorp rebrands WastedLocker once again as PayloadBin in an attempt to trick victims into violating OFAC regulations. Sample: https://www.virustotal.com/gui/file/69775389eb0207fec3a3f5649a0ad9315856c810f595c086ac49d68cdbc1d136/details
-
[2021-06-03 00:48:32] @JAMESWT_MHT "Richiesta Preventivo" spread #guloader #italy Gz https://bazaar.abuse.ch/sample/c879d048fe80a2accf2caefd8994da819747298a42c37722449b1f4eed2f50bd/ Zip password protected not write in email (pw 1) https://bazaar.abuse.ch/sample/a6603d5f8c0ad964f7b8eeb818aebab8ffcb997af1997e67cb0d093f26e88179/ Exe https://bazaar.abuse.ch/sample/c690e225c34a033b475fbd75beb572bcc723495e395d97f48c9abd48338b4d02/ C2 config hXXps://andreameixueiro.com/build_EXjhnftQHX181.bin https://bazaar.abuse.ch/sample/4b64d0da154dc6fc6a816c1c3344edae68ee27c9afe4f2b6b7e3a773eaa1c7ad/ cc @Arkbird_SOLG https://twitter.com/JAMESWT_MHT/status/1400147332314939395/photo/1
-
[2021-04-15 19:04:31] @Lvanoel https://www.politico.eu/article/europe-strict-rules-artificial-intelligence/ The sooner the better. And I applaud the EU that they want to regulate it on an EU level, and not on a country level.
-
[2021-04-14 17:33:02] @pmmkowalczyk #GuLoader #Malware spotted in ???????? Faktura.exe d95d6dcc52fd796941761105cbcb1a2a payload url: https://drive.google.com/uc?export= download&id= 1vE-nQalTKXPwIiSR93z2usjG59FZhOHv @CERT_OPL @CERT_Polska @500mk500 @James_inthe_box @reecdeep @B0rys_Grishenko @abuse_ch
-
[2021-04-11 23:31:03] @Cryptolaemus1 @black_r3ach3r Emotet rarely if ever used XLSBs for dropping macros. We usually saw only doc macro files. This loader you have here is #guloader according to Triage. https://tria.ge/210411-314snm3yt6 Thanks for the heads up!
-
[2021-04-06 20:24:53] @JAMESWT_MHT #GuLoader #italy spread #AgentTesla Iso https://bazaar.abuse.ch/sample/df4c5175a544bf5c01837295a3e7d9e427d74c4f3fb4ec68a588d47a640deac5/ Exe https://bazaar.abuse.ch/sample/422287b67dd187c3fae4472cdf654ef69354ab78ac094dee6711874c9e59f1f4/ Url Thanks to @abuse_ch https://urlhaus.abuse.ch/url/1103015/ Bin https://bazaar.abuse.ch/sample/3faacd614b9ed157753b647d473e1e9924183524d31b831332398c5d48ed9aa2/ From [email protected] To sanetbehin.co@gmail .com cc @verovaleros @sugimu_sec https://twitter.com/JAMESWT_MHT/status/1379424876532879364/photo/1
-
[2021-04-06 17:27:32] @reecdeep #Guloader targeting #Italy spawns #Agenttesla #Malware "Ordine d'acquisto" ⚙️ https://app.any.run/tasks/f02cdc85-9226-4571-87bf-404dc68910f4 https://capesandbox.com/analysis/132639/ hxxps://drive.google.com/uc?export= download&id= 1kid0owgaMCzRLqlPjIt2boGIIgOTgmca c2: .. #infosec #CyberSecurity #DFIR #cybercrime #Security
-
[2021-04-02 12:01:17] @JAMESWT_MHT @KomodoThreat @malwrhunterteam @VK_Intel @Arkbird_SOLG @ffforward @fr0s7_ @lazyactivist192 @Jan0fficial @Cryptolaemus1 @guelfoweb @FBussoletti and too these #AgentTesla #GuLoader hXXps://mariotessarollo.com/a/specof.bin hXXps://mariotessarollo.com/cp/cp.msi hXXps://mariotessarollo.com/ot/otb.msi Samples https://bazaar.abuse.ch/browse/tag/mariotessarollo.com/ cc @verovaleros @sugimu_sec @felixw3000 https://twitter.com/JAMESWT_MHT/status/1377848587149787137/photo/1
-
[2021-04-02 10:50:14] @JAMESWT_MHT @KomodoThreat @malwrhunterteam #Loader sogecoenergy.com/ot/ot.msi https://bazaar.abuse.ch/sample/1b60035df84046b1b7d4f2f4d9d965ea9c14163eb1b84b078d99670ed6399b1b/ https://bazaar.abuse.ch/sample/40879e36f47835c7af7d4e54d844469e5a1f58fda44027a9005ca61bf33d4a6d > #AgentTesla #GuLoader https://bazaar.abuse.ch/sample/f32f7005937b4c94ff31996fde6a0843c05bfb47458ad29a15ddf3fb70c435d2/ >mariotessarollo.com/or/ag.bin cdrcusinato.com https://bazaar.abuse.ch/sample/7c74c08c57b18ea03153b277343559feee78712dc0d924a0db0b13097810785a/ >mariotessarollo.com/ot/ot.bin sogecoenergy.com https://bazaar.abuse.ch/sample/fc72dbb97d91ca7271e5603ca45bbbc9999bf664be39b40dada4e215c5ed6ae3/ https://twitter.com/JAMESWT_MHT/status/1377830706961911809/photo/1
-
[2021-03-30 09:04:15] @3XS0 #GuLoader #Malware from #maldoc https://app.any.run/tasks/987c76df-16cc-46fa-b86b-d5d54b35d169/ XLSB > MSI > GuLoader EXE VT 0/59: totally undetected! hxxps://mariotessarollo.com/cp/cp.msi https://capesandbox.com/analysis/127581/ #infosec #CyberSecurity #DFIR #cybercrime #Security #cyber https://twitter.com/3XS0/status/1376716875443404805/photo/1
-
[2021-03-30 06:05:03] @executemalware I saw a couple dozen #hancitor emails today - maybe the threat actors are getting back to their regular schedule again? I didn't have much time to look at it today but here's what I saw: https://pastebin.com/ivpYQWR7
-
[2021-03-29 22:15:29] @3XS0 #GuLoader #Malware from #maldoc https://app.any.run/tasks/987c76df-16cc-46fa-b86b-d5d54b35d169/ XLSB > MSI > GuLoader EXE VT 0/59: totally undetected! hxxps://mariotessarollo.com/cp/cp.msi https://capesandbox.com/analysis/127581/ #infosec #CyberSecurity #DFIR #cybercrime #Security #cyber https://twitter.com/3XS0/status/1376553604383862784/photo/1
-
[2021-03-29 20:37:10] @reecdeep #GuLoader #Malware from #maldoc https://app.any.run/tasks/987c76df-16cc-46fa-b86b-d5d54b35d169/ XLSB > MSI > GuLoader EXE VT 0/59: totally undetected! hxxps://mariotessarollo.com/cp/cp.msi https://capesandbox.com/analysis/127581/ #infosec #CyberSecurity #DFIR #cybercrime #Security #cyber https://twitter.com/reecdeep/status/1376528863430328320/photo/1
-
[2021-03-20 10:01:55] @3XS0 Java malware dropper with support for MacOS and Windows. ☕Swift_Payment_Receipt_150390023_docx.jar ☕Drops #GuLoader on Windows. ⬇️GuLoader downloads from hxxps://adojetson(.)com/dark/xdark_xljWuS110.bin https://app.any.run/tasks/cce072d3-0cb6-493d-83e8-dadd1bb26d91 https://twitter.com/3XS0/status/1373092406535598081/photo/1
-
[2021-03-08 02:09:15] @ActorExpose Defacement Incident hxxp://ktebstan.com/1877.php hxxp://carrotapps.com/1877.php hxxp://216.55.97.163/ hxxp://216.55.97.163/laws-regulations/sultanate-of-oman/the-sultanate-of-oman-anti-money-laundering-act/ hxxps://hotelpagoda.com/ @CSAFCert @douglasmun
-
[2021-03-04 22:17:30] @reecdeep #AgentTesla #Malware targets #Italy chained to #Guloader [email protected] mail.gcclatinoamerica.com [email protected] ⚙️ https://www.capesandbox.com/analysis/122269/ #infosec #CyberSecurity #DFIR #cybercrime #cyberattacks #Security #cyber https://twitter.com/reecdeep/status/1367433730839699456?s= 20 https://twitter.com/reecdeep/status/1367479317081432066/photo/1
-
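For matters related to voice phishing, illegally filmed material, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the Korean National Police Agency cybercrime reporting system, and the National Intelligence Service civil complaints center.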